Public, private, and hybrid Clouds and other virtualization solutions (hereafter called ‘Cloud’) help to minimize costs and give companies flexibility in scaling up or down with their needs. However, such solutions may be problematic from a data privacy perspective, as laws and regulations in different territories may require special protection of sensitive data that goes far beyond well-known computer security mechanisms such as data encryption, firewalls, or intrusion detection and prevention. It is not unusual for such sensitive data to come with constraints that make it difficult, or sometimes even impossible, for Cloud service providers to comply. Examples of such constraints are that data have to stay in a certain region or state, or that access to the data for administrative or operational purposes may only be granted to persons of a certain nationality. Usually, compliance with such regulations has to be proven and may need to be validated regularly by an external auditor accepted by the regulator. This entails a large continuous investment from both the Cloud service provider and the Cloud service consumer, as in most cases certification of compliance is the responsibility of the service consumer, and the service provider has to assist with it.
Data encryption for data in transit and data on disk unfortunately does not help here, because sooner or later the data need to be decrypted to be processed in the Cloud, which in turn requires the Cloud solution to be fully compliant with the data privacy constraints.
A typical solution addresses that problem by encrypting all data when they enter the Cloud. If all data are encrypted and the systems operate only on the encrypted data, then from a data privacy perspective the environment operates on “data waste” and the data privacy rules do not apply. But such solutions have several issues: (1) logical operations such as sorting, filtering, or adjusting date and time formats on the presentation layer do not work, because the Cloud application would perform those operations on encrypted data; (2) any data modification in the business logic of a Cloud application would not work, as the data are encrypted; (3) any interface inserting data into or extracting data from Cloud systems would have to be intercepted so that encrypted data can be decrypted, and vice versa.
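The three issues above can be made concrete with a small simulation. The following is an added illustration, not part of the original application text: a gateway encrypts the sensitive fields of each record on the way into the Cloud, the Cloud application then sorts and modifies what it sees (ciphertext), and an egress interceptor restores plaintext for the user. The record layout, the field names, the sample records and the toy HMAC-SHA256 keystream cipher are all assumptions constructed for this example; the cipher is deliberately deterministic so that equality lookups still work, which is exactly the kind of compromise such gateways make, and it is not a substitute for a vetted cipher from a maintained library.

```python
"""Added illustration: encrypt-on-ingress gateway and the problems of
operating on ciphertext inside the Cloud (not the document's own code)."""
import base64
import hashlib
import hmac

# Constructed demo key; a real gateway would keep this outside the Cloud.
GATEWAY_KEY = b"demo-gateway-key-not-for-production"
# Assumed field names that the data privacy rules classify as sensitive.
SENSITIVE_FIELDS = {"name", "nationality"}


def _keystream(key: bytes, label: bytes, length: int) -> bytes:
    """Derive a keystream from HMAC-SHA256 over a counter (toy CTR-style construction)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, label + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_field(value: str, field: str) -> str:
    """Deterministic field encryption: XOR with a keystream bound to the field name.
    Equal plaintexts give equal ciphertexts (so lookups work) but order is not preserved."""
    data = value.encode("utf-8")
    ks = _keystream(GATEWAY_KEY, field.encode("utf-8"), len(data))
    return base64.urlsafe_b64encode(bytes(a ^ b for a, b in zip(data, ks))).decode("ascii")


def decrypt_field(token: str, field: str) -> str:
    """Inverse of encrypt_field; raises if the token was altered inside the Cloud."""
    raw = base64.urlsafe_b64decode(token.encode("ascii"))
    ks = _keystream(GATEWAY_KEY, field.encode("utf-8"), len(raw))
    return bytes(a ^ b for a, b in zip(raw, ks)).decode("utf-8")


def ingress(record: dict) -> dict:
    """Gateway on the way in: sensitive fields become ciphertext, the rest pass through."""
    return {k: encrypt_field(v, k) if k in SENSITIVE_FIELDS else v for k, v in record.items()}


def egress(record: dict) -> dict:
    """Interceptor on the way out (issue 3): restore plaintext for the user."""
    return {k: decrypt_field(v, k) if k in SENSITIVE_FIELDS else v for k, v in record.items()}


# Constructed sample records as they would arrive from users through the portal.
PLAINTEXT_RECORDS = [
    {"name": "Carol", "nationality": "DE", "amount": 30},
    {"name": "Alice", "nationality": "FR", "amount": 10},
    {"name": "Bob", "nationality": "DE", "amount": 20},
]


def cloud_sort_by_name(encrypted: list) -> list:
    """Issue 1: the Cloud application sorts on what it sees, i.e. the ciphertext."""
    return sorted(encrypted, key=lambda r: r["name"])


def cloud_uppercase_name(encrypted: list) -> list:
    """Issue 2: business logic that modifies the field operates on ciphertext."""
    return [dict(r, name=r["name"].upper()) for r in encrypted]


def names_after_egress(encrypted: list) -> list:
    """Run each record through the egress interceptor and return the plaintext names."""
    return [egress(r)["name"] for r in encrypted]


def sort_order_preserved() -> bool:
    """Does sorting by ciphertext reproduce the plaintext order? Only by coincidence."""
    encrypted = [ingress(r) for r in PLAINTEXT_RECORDS]
    expected = sorted(r["name"] for r in PLAINTEXT_RECORDS)
    return names_after_egress(cloud_sort_by_name(encrypted)) == expected


def uppercase_survives() -> bool:
    """Does upper-casing the ciphertext yield the upper-cased plaintext? No: base64
    tokens are case-sensitive, so egress either fails or yields unrelated bytes."""
    encrypted = [ingress(r) for r in PLAINTEXT_RECORDS]
    expected = [r["name"].upper() for r in PLAINTEXT_RECORDS]
    try:
        return names_after_egress(cloud_uppercase_name(encrypted)) == expected
    except ValueError:  # includes UnicodeDecodeError and binascii.Error
        return False


def sort_at_trusted_side() -> list:
    """Workaround: decrypt at egress first, then sort on the trusted side of the gateway."""
    encrypted = [ingress(r) for r in PLAINTEXT_RECORDS]
    return sorted(names_after_egress(encrypted))


if __name__ == "__main__":
    print("Cloud-side sort preserved plaintext order:", sort_order_preserved())
    print("Cloud-side upper-casing survived egress:", uppercase_survives())
    print("Sorted after egress decryption:", sort_at_trusted_side())
```

The point of the simulation is the asymmetry: the egress interceptor can always undo what the gateway did, but it cannot undo or reinterpret anything the Cloud application computed on ciphertext in between, which is why such operations have to move to the trusted side of the gateway.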
In a typical embodiment of such a solution, users access data through a Web portal. This may also be assumed here.
A disadvantage of known solutions remains in that applications operating on sensitive data may require specific provisions for handling sensitive data compared with non-sensitive data.
Thus, there is a need to overcome the difference in data handling of which an application program has to be aware when operating on sensitive and/or non-sensitive data, if the sensitive data are stored and operated on in a Cloud computing environment.